Last week, the U.S. Department of Justice (DOJ) filed a lengthy complaint and consent order in a lawsuit against Four Oaks Bank & Trust Company. The DOJ action is the first lawsuit (and settlement) under "Operation Choke Point," a coordinated multiagency enforcement initiative targeting banks serving online payday lenders and other companies that have raised regulatory concerns
Four Oaks Bank is a small North Carolina bank that had processed ACH transactions for payday lenders through an arrangement with an unidentified third-party payment processor. Based on allegations of inadequate diligence and control over the payment processor and its customers, the DOJ obtained $1.2 million in monetary relief and injunctive relief addressing the bank's dealings with third-party payment processors and with Internet short-term (payday) lenders, credit repair organizations, mortgage assistance relief companies, telemarketers and Internet-based businesses (collectively, "Target Companies").
The complaint against Four Oaks Bank is drafted broadly and is probably intended to send a warning to banks dealing with third-party payment processors and Target Companies. Brought under the Anti-Fraud Injunction Act and the Financial Institutions Reform, Recovery, and Enforcement Act, all of the DOJ claims are necessarily premised upon allegations of the bank's commission of predicate federal criminal offenses, in this case alleged knowing participation in a wire fraud scheme.
The DOJ treated a series of lending practices by the online payday lenders who were served by the bank's third-party payment processor as fraudulent activity or, at a minimum, warning signs of illegality:
- Some loan agreements included single-payment disclosures under the Truth in Lending Act (TILA) even though they allegedly "hid[ ] in small print and in confusing language" steps required to pay off the loans. The legality of this practice under TILA is the subject of ongoing litigation in a lawsuit brought by the FTC.
- Some loan agreements required consumers to authorize recurring ACH payments, in alleged violation of the Electronic Funds Transfer Act (EFTA). While the CFPB is aware that many lenders require ACH payments on installment loans where the borrower fails to pay by other methods, it has not, at least yet, asserted that these arrangements violate the EFTA.
- Some loan agreements violated the FTC rule limiting wage garnishments.
- Some loan agreements of tribal, offshore and other so-called "choice-of-law" lenders provided for interest at rates prohibited by the law of the states where borrowers resided (but likely permitted by the law of the jurisdiction where the lender was located or licensed).
- In some cases, complaints of unauthorized transactions exceeded thresholds established by NACHA, and in other cases overall return rates were quite high (more than double the 15 percent threshold recently proposed by NACHA).
In addition to the monetary relief, the consent order limits the bank's dealings with third-party payment processors and Target Companies and requires the bank to commission an independent review of its conduct. Limits relating to third-party payment processors include:
- The bank cannot deal with a third-party payment processor that has serviced within the past two years any Internet payday lender that generated transactions in excess of specified return thresholds (High-Return Originators). Interestingly, the return thresholds set forth in the Four Oaks settlement are exactly the same as the thresholds in the recent NACHA proposal, described in a prior e-alert: 0.5 percent for unauthorized debits, 3 percent for data quality returns, and 15 percent for total returns. We do not know whether the DOJ chose to adopt the thresholds in the NACHA proposal, NACHA proposed thresholds suggested by the DOJ and/or other agencies, or the thresholds were arrived at jointly.
- The bank must cease doing business with any third-party payment processor that subsequently services any company (not just a Target Company) that is a High-Return Originator unless the bank performs extensive diligence on the High-Return Originator within 30 days and determines to its reasonable satisfaction that the originator is complying with all applicable federal and state laws.
- The bank must not provide any bank accounts or banking services to a third-party payment processor unless the processor is duly licensed as a money transmitter in all relevant states (or certified by state authorities as not needing a license) and registered with FinCEN as a money services business.
Additional restrictions apply to the bank's dealings with Target Companies and other parties. For example, the bank must not provide ACH or credit card services, directly or indirectly, to any Target Company unless the Bank has:
- conducted and thereafter conducts on a quarterly basis (or annually for businesses in the Bank's CRA area) the due diligence required for direct customers of the Bank; and
- established, after reasonable inquiry, in good faith, and to best of its ability that the Target Company is not engaged in any false or deceptive business practice or any business practice that would violate:
- any U.S. law
- any state law (specifically including any licensing or registration law) of the state where the merchant is located or has customers; or
- any NACHA Rule.
Finally, the bank cannot accept remotely created checks (RCCs) as an originating depository financial institution (ODFI) for a Target Company. (At this point, the DOJ has not spelled out the nature of its concern with RCCs.)
The provisions of the consent order addressing direct dealings between the bank and companies seeking ACH services do not directly distinguish between Target Companies that are High-Return Originators and those that are not. However, by requiring the bank to ensure that its Target Company customers comply with NACHA Rules, the consent order would seem to indirectly impose return thresholds on bank customers. As explained in our e-alert on the NACHA return-rate proposal, a 15 percent overall return threshold may be limiting when applied to payday lenders. This industry serves high-risk borrowers who frequently struggle to maintain sufficient funds in their bank accounts. Accordingly, returns exceeding 15 percent (even substantially exceeding that rate) may not alone provide evidence of lender wrongdoing.
The settlement of this lawsuit means that the DOJ's legal theories will remain untested for now, including whether state-law usury violations or the alleged EFTA violations might constitute wire fraud (or evidence of wire fraud) prohibited by federal law. A recent CFPB lawsuit against CashCall, described in one of our blog posts, treats state-law usury claims as federal unfair, deceptive, or abusive acts or practices (UDAAP) violations (but does not address whether they are wire fraud violations). Whether the DOJ theory here echoes or differs from the CFPB theory is uncertain. We do not know whether the DOJ consulted with the CFPB regarding the DOJ's interpretation of the EFTA.
Operation Choke Point and the DOJ lawsuit will certainly make it harder for unscrupulous Target Companies to operate. Lawfully operating Target Companies may also be affected, however. If the consent order is read to require banks processing ACH transactions to ensure that their customers comply completely with all applicable law, many banks may discontinue providing ACH services to all Target Companies. Accordingly, we hope that clarification is provided that the duty on banks is to ensure that their ACH customers have a lawful business model, a thorough due diligence investigation discloses no apparent and continuing violations of applicable law, and any grounds for concern are promptly investigated and resolved.
The CFPB lawsuit against CashCall was ground-breaking. The DOJ lawsuit against Four Oaks Bank is earth-shattering.
Ballard Spahr's Consumer Financial Services Group is nationally recognized for its guidance in structuring and documenting new consumer financial services products, its experience with the full range of federal and state consumer credit laws, and its skill in litigation defense and avoidance. The firm’s White Collar Defense/Internal Investigations Group is well versed and experienced in defending claims involving both civil and criminal allegations of fraud and abuse in a myriad of matters. It also regularly conducts internal investigations and advises companies on best practices and compliance issues.
For more information, contact CFS Practice Leader Jeremy T. Rosenblum at 215.864.8505 or email@example.com, Christopher J. Willis at 678.420.9436 or firstname.lastname@example.org, or Marjorie J. Peerce at 212.223.0200 x8039 or email@example.com.
Copyright © 2014 by Ballard Spahr LLP.
(No claim to original U.S. government material.)
All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, including electronic, mechanical, photocopying, recording, or otherwise, without prior written permission of the author and publisher.
This alert is a periodic publication of Ballard Spahr LLP and is intended to notify recipients of new developments in the law. It should not be construed as legal advice or legal opinion on any specific facts or circumstances. The contents are intended for general informational purposes only, and you are urged to consult your own attorney concerning your situation and specific legal questions you have.